The Microsoft Security Response Center is part of the defender community and on the front line of security response for our customers and the company. Our mission is to protect customers and Microsoft from current and emerging threats related to security and privacy. We monitor threats and provide updated tools and guidance to help organizations defend against, identify, and remediate attacks.
Vulnerability mitigated in the third-party Data Connector used in Azure Synapse pipelines and Azure Data Factory (CVE-2022-29972)
Summary Summary Microsoft recently mitigated a vulnerability in Azure Data Factory and Azure Synapse pipelines. The vulnerability was specific to the third-party Open Database Connectivity (ODBC) driver used to connect to Amazon Redshift in Azure Synapse pipelines and Azure Data Factory Integration Runtime (IR) and did not impact Azure Synapse as a whole.
Azure Database for PostgreSQL Flexible Server Privilege Escalation and Remote Code Execution
MSRC was informed by Wiz, a cloud security vendor, under Coordinated Vulnerability Disclosure (CVD) of an issue with the Azure Database for PostgreSQL Flexible Server that could result in unauthorized cross-account database access in a region. By exploiting an elevated permissions bug in the Flexible Server authentication process for a replication user, a malicious user could leverage an improperly anchored regular expression to bypass authentication to gain access to other customers’ databases.
Congratulations and New Swag Awards for the Top MSRC 2022 Q1 Security Researchers!
Today, we are excited to recognize this quarter’s Microsoft Researcher Recognition Program leaderboard and share new swag awards and improvements to the leaderboard. Congratulations and thank you to everyone for your hard work and continued partnership to secure customers.
The top three researchers of the 2022 Q1 Security Researcher Leaderboard are: Yuki Chen, William Söderberg, and Terry Zhang @pnig0s!
影響の大きいシナリオにおけるマイクロソフトのバグ報奨金プログラムの拡大
本ブログは、Expanding High Impact Scenario Awards for Microsoft Bug Bounty Programsの抄訳版です。最新の情報は原文を参照し
Expanding High Impact Scenario Awards for Microsoft Bug Bounty Programs
We are excited to announce the addition of scenario-based bounty awards to the Dynamics 365 and Power Platform Bounty Program and M365 Bounty Program. Through these new scenario-based bounty awards, we encourage researchers to focus their research on vulnerabilities that have the highest potential impact on customer privacy and security. Awards increase by up to 30% ($26,000 USD total) for eligible scenario submissions.
オンプレミスサーバー製品追加! アプリケーションとオンプレミス サーバーのバグ報奨金プログラムの紹介
本ブログは、On-Premises Servers Products are Here! Introducing the Applications and On-Premises Servers Bug Bounty Program の抄訳版です。最新の情報は原文を参照して
Randomizing the KUSER_SHARED_DATA Structure on Windows
Windows 10 made a lot of improvements in Kernel Address Space Layout Randomization (KASLR) that increases the cost of exploitation, particularly for remote code execution exploits. Many kernel virtual address space (VAS) locations including kernel stacks, pools, system PTEs etc. are randomized. A well-known exception to this is the KUSER_SHARED_DATA structure which is a page of memory that has always been traditionally mapped at a fixed virtual address in the kernel.